We use cookies to give you the best online experience. By using our website you agree to our use of cookies in accordance with our cookie policy.

croom new

Preferred Blog

Preferred has been serving the Tinley Park area since 1991, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Tip of the Week: How to Spot and Avoid Email Spoofing

b2ap3_thumbnail_email_spoofing_400.jpgLet’s say you get an email from a close friend. It looks like it’s legitimate, until you check the contents of the message. It’s an advertisement, or it’s trying to get you to click on a link to see something “important.” Regardless of what the content of the message is, you should probably slap that bad boy in the Spam section of your email inbox. You’ve just been the target of email spoofing, and it’s more common than you might think.

Email spoofing is the act of sending a message disguised as someone else. Generally, if you receive what you think is a spoofed message from a friend, this doesn’t mean that the friend has been hacked (although it could be possible). Spoofing has been around for a while, but it continues to be a problem to this day; primarily because phishing has grown more common, and spoofing is an effective way to trick users into believing that phishing messages are the real thing.

How Spoofing Works
Email spoofing is simple enough that pretty much anyone can do it, provided they have the tools to do so. All someone needs to get started with email spoofing is a (SMTP) server, as well as some email software. There are plenty of available free SMTP servers that allow spoofers to show a different sending address, compared to the address that actually sent it. The recipient will still see the true email address, but it will appear to come from the address or name that the spoofer enters.

Still, there are other checks in place that limit the effectiveness of email spoofing. The most notable one is Sender Policy Framework (SPF), which compares the IP address of the sending server to the SPF record of the appropriate domain. If things don’t check out, the receiving server denies the message. The Huffington Post describes how this works using the following example:

Let's say someone tried to spoof Bill Gates (): They would send an email on his behalf > the recipient server would then talk back to microsoft.com and say "Hey, I have an email that is coming from 123.123.123.123 stating that it was sent from ."; > microsoft.com would then tell the recipient server, "No, sorry, it should be coming from 111.111.111.111." and the message would never get delivered.

What You Can Do About It
In general, email spoofing has trouble making it through modern email solutions like Gmail and Outlook. Still, email spoofing can be difficult to identify at times, but this is only if the spoofer has done their homework. Ordinarily, spoofing software will allow the spammer to replicate the name of the person they’re posing as, but the email address they sent their message from might still be intact. To check this, look at the email address next to the name. If it doesn’t match up, chances are you’re dealing with a spoofer.

Another clear giveaway is if the spoofer makes no attempts whatsoever to pose as the person. Does the message hold any links or have any attachments? If the message is unsolicited, there’s a solid chance that it’s a spammer trying to get you to respond or click on specific links. Your best chance of avoiding a phishing scam is to ignore messages asking you to confirm your credentials or similar information. Most organizations like banks or government institutions will never, ever, ask you to update your information through email. Also, never log into a website using links provided in suspicious emails. Always try to navigate to the location through your web browser; otherwise, you could be walking away from one trap and into another.

Taking advantage of a spam blocking solution is a great first step toward keeping your organization free from email spoofers. A comprehensive spam blocking solution like the one that Preferred offers allows your employees to go about their days without the hindrance and omnipresent threat of malicious spam messages. To learn more about how your business can take the fight to spam, give us a call at 708-781-7110.

Windows 8 Users Will No Longer Receive Patches and...
The Rise, and Fall, and Rise of Bitcoin
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Friday, December 20 2024

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      Qr Code

      Blog Archive

      Latest Blog Entry

      Many of today’s businesses span continents. That’s not an exaggeration. With faster Internet speeds fueling remote workforces, some businesses choose to strategically use workers from all over the globe to create and sell their products or services. In today’s blog, we’ll di...

      Latest News

      Best Places to Work - 5 YEARS STRONG!!

      Preferred is once again, honored for being a Best Place to Work for the fifth straight year!  Our team is what makes Preferred a Best Place to Work.  

      Daily Herald Suburban Business 2024 Best Places to Work Honorees The Daily Herald Suburban Business has announced the names of 51 companies, in 5 categories of competition, that are honored as the 2024 Best Places to Work in Illinois. This statewide survey and awards program was designed to identify, recognize and honor the best places of employment in Illinois, benefiting the state's economy, its workforce and businesses.